community-signals

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated content from public forums (Hacker News via the Algolia API and Reddit via the Apify actor) as shown in SKILL.md and scripts/community_signals.py (HN_ALGOLIA_BASE, APIFY_ACTOR_ID), and it parses and scores those posts/comments to drive recommendations and follow-up actions, so untrusted third‑party content can materially influence agent behavior.